On Mon, 2009-10-12 at 09:55 +0300, Jouni Malinen wrote: > On Sat, Oct 10, 2009 at 06:24:26PM +0200, Johannes Berg wrote: > > On the other hand, I think Jouni's argument is that you should be able > > to authenticate (force an auth frame exchange) even while authenticated. > > I don't really disagree with that all that much, but I'm not sure how to > > cleanly fit it in. mac80211 would have to reset the auth state without > > sending a deauth. > > Yes, this is exactly what I would like to see happening when using > mac80211. For now, I think we can work around the issue in > wpa_supplicant, but eventually, this change in mac80211 would allow the > code in wpa_supplicant to be cleaned up and the need for an extra > deauthentication frame could be removed. This would require a change in cfg80211 too, since that keeps the BSS list around and refuses this, mac80211 isn't necessarily involved. However, we need to spec it out more clearly. For instance, we'd have to not add a new work item and try for another authentication, but rather use the old one. Right? I'm happy to have such a change, but it needs to be clearly documented what is expected of drivers that get an auth() call while already authenticated with that AP. Especially since it's not just send_auth_frame(), as we expect the driver to handle the entire handshake for WEP SK auth. johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
